Hi there,
I have a Kubernetes cluster with 3 master nodes and 3 worker nodes.
All of the nodes are in the same subnet: 172.19.11.61-172.19.11.66
The MySQL server was installed on an Ubuntu machine: 172.19.11.60
I define a service and an endpoint to use the external database as follows:
external-mysql-svc.yaml
kind: Service
apiVersion: v1
metadata:
name: external-mysql-db
namespace: iam
spec:
clusterIP: None
ports:
- port: 3306
targetPort: 3306
---
kind: Endpoints
apiVersion: v1
metadata:
name: external-mysql-db
namespace: iam
subsets:
- addresses:
- ip: 172.19.11.60
ports:
- port: 3306
The deployment of Keycloak and keycloak service
keycloak-deploy.yaml
apiVersion: v1
kind: Service
metadata:
name: keycloak
namespace: iam
labels:
app: keycloak
spec:
type: ClusterIP
clusterIP: None
ports:
- name: https
port: 443
targetPort: 8443
selector:
app: keycloak
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: iam
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:12.0.3
env:
- name: KEYCLOAK_USER
value: "admin"
- name: KEYCLOAK_PASSWORD
value: "admin"
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_VENDOR
value: mysql
- name: DB_ADDR
value: external-mysql-db
- name: DB_DATABASE
value: keycloak
- name: DB_PORT
value: "3306"
- name: DB_USER
value: keycloak-user
- name: DB_PASSWORD
value: "DBpassword"
- name: JGROUPS_DISCOVERY_PROTOCOL
value: dns.DNS_PING
- name: JGROUPS_DISCOVERY_PROPERTIES
value: 'dns_query=external-mysql-db.iam'
- name: CACHE_OWNERS_COUNT
value: "2"
- name: CACHE_OWNERS_AUTH_SESSIONS_COUNT
value: "2"
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
initialDelaySeconds: 30
I wonder whether the env DB_ADDR
is correct or not?